On Mon, May 15, 2017 at 05:22:14PM +0200, Tomas Mraz wrote: > On Mon, 2017-05-15 at 17:15 +0200, Jakub Hrozek wrote: > > On Mon, May 15, 2017 at 04:35:56PM +0200, Tomas Mraz wrote: > > > My current Fedora 26 default nsswitch.conf contains these lines: > > > > > > passwd: sss files systemd > > > shadow: files sss > > > group: sss files systemd > > > > > > Not sure which package created this configuration, but: > > > > > > * Where is the consistency? > > > * Where is the Fedora Change page that talks about these > > > modifications > > > of fairly critical systemwide configuration file? > > > * From which time systemd started to manage user accounts of the > > > machine, again where is the Fedora Change page for such change? > > > > Is this what you are looking for? > > https://fedoraproject.org/wiki/Changes/SSSDCacheForLocalUsers > > > > That page says: > > """ > > This change proposes leveraging a new "files" provider SSSD will ship > > in > > the next version in order to resolve also users from the local files. > > That way, the "sss" NSS module can be configured before the files > > module > > in nsswitch.conf and the system could leverage sss_nss caching for > > both > > local and remote users. > > """ > > The questions still hold for the consistency between passwd and shadow > and also for the systemd module present.
Since sssd doesn't handle the password map, being consistent there in the ordering sense (sss before files) wouldn't make much sense, because the nss module functions for the shadow map are not even implemented in nss_sss. We could even omit the sss module from that map altogether. _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
